include_once($_SERVER['DOCUMENT_ROOT'] . '/202-config/connect.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $mysql['user_name'] = mysql_real_escape_string($_POST['user_name']); $user_pass = salt_user_pass($_POST['user_pass']); $mysql['user_pass'] = mysql_real_escape_string($user_pass); //check to see if this user exists $user_sql = " SELECT * FROM 202_users WHERE user_name='".$mysql['user_name']."' AND user_pass='".$mysql['user_pass']."'"; $user_result = _mysql_query($user_sql); $user_row = mysql_fetch_assoc($user_result); if (!$user_row) { $error['user'] = '